[LUGOS] NIS/yp

Stane Erzar Stane.Erzar at iskrasistemi.si
Mon Jan 14 14:04:03 CET 2002 


Matjaz( Prelog wrote:

>Pozdravljeni,po dolgem casu sem zal prisiljen narediti nekaj stvari v 
>Linuxu.:(
>
>Imam instaliran RedHat 7.2,na novo sem rekompajlal zadnji 2.4.17 kernel.
>1.) Rad bi nastavil nis/yp klienta,pa mi nekako ne uspe. Zdaj sem nekako 
>porihtal,da se mi ypbind zastarta ob bootu(domaniname sem dal kar v 
>rc.sysinit),v /var/yp/binding/ sta 2 datoteki,moja-domena.1 in 
>moja-domena.2(je to verzija protokola,torej 1 = nis,2 = nis+ ??),ime 
>domene je prav gotovo pravo,z vipw sem dodal na konec +:::::::::,v 
>/etc/group pa +:::,uporabnikov pa mi nikakor noce avtenticirati. yp server 
>je FreeBSD,uporablja se protokol 2. Kaksne ideje,napotki,kako se lahko na 
>clientu/serverju sploh kaj pogleda,nikjer ni kaksnih log-ov.
>
Tudi jaz imam enak problem.ki ga se nisem uspel razresiti.
Kolikor je meni znano je problem pri uporabi algoritmov za kriptiranje 
(DES ali MD5),
Tukaj je en sicer ze malo starejsi tekst , ki sem ga nasel na eni 
FreeBSD mailing listi.

On Thu, Jun 24, 1999 at 12:13:53AM -0400, Nick LoPresti wrote:

>> Here's my situation:
>> 
>> 1.  I would like to set up NIS on my network.
>> 2.  I have one FreeBSD system(2.2.6)
>> 3.  I have many other flavors of Unix on this network
>> 4.  I would like the FreeBSD system to export it's passwd and group files to
>> the other machines
>> 
>> How do I achieve this?  Do I just run ypserv & ypbind?   Any FAQ's around???
>

Well, I've just been through the same problem (and spent around a day
figuring out the answer...).

Making your box a NIS server is easy.  Just do grep -i nis
/etc/defaults/rc.conf and plug the results into your /etc/rc.conf.  You
probably want to enable nis_server and yppasswdd.  You probably also
want to look at ypinit(8).  

The hard bit is making the other Unix hosts understand our password
file.  Beacuse we use MD5 encrypted passwords, instead of DES encrypted
ones, they won't understand them by default.  There's a couple of stages
to this:

1) Install the DES routines.  

   (easy) If you're still running -RELEASE, then try looking on your CD
   for the des packages.  

   (harder) If you've moved up to -STABLE, then you'll need to cvsup the
   secure-all stuff and rebuild the world.  When you've done that, you
   need to repoint the /usr/lib/libcrypt* symlinks to point at
   libdescrypt* instead of libscrypt*.  That last step took a while to
   figure out.   [:-)] 

2) You need to set the UNSECURE variable in /var/yp/Makefile.

Most of this stuff is documented in the various manpages for yp...

One final word of warning.  You'd be best off not distributing your root
password over nis.  In fact, Sun reccomends that when setting up a nis
server, you keep a separate copy of the passwd file, without "system"
users in it.  This will make sharing the pasword file easier across
multiple vendors.  You may want to look at the Sun Answerbooks for some
more tips and ideas:  http://docs.sun.com/


>
>2.) ima RH 7.2 kaksno orodje za snifanje(gledanje prometa) kot je tcpdump 
>na FreeBSDju? yp ni zadnja zadeva,ki jo moram postudirati,pa bi mi prav 
>prisel. Z man -a in man -k za nekaj znacilnih keywordow nisem nicesar 
>nasel. Pa prosim,ne mi o morali,ker ni potrebno,saj potrebujem orodje za 
>lastne potrebe,ne za to,da gledam kaj drugi delajo. :)
>
tcpdump je tudi na Linux-u

LP
Stane erzar
-------------- next part --------------
Skipped content of type multipart/related

More information about the lugos-list mailing list